The following description of background art may include insights, discoveries, understandings or disclosures, or associations together with dis-closures not known to the relevant art prior to the present invention but provided by the invention. Some such contributions of the invention may be specifically pointed out below, whereas other such contributions of the invention will be apparent from their context.
Computers, other computing apparatuses, computer systems and communication systems support at least two different types of accounts, a user account and an administrator account, and some of them support also a type called herein a maintenance service account. The user account allows use of different services provided by the system or the apparatus, like online services provided over Internet, and using different applications, like word processing or drawing applications, etc. The administrator account, also called a root administrator account, allows the use of the same services as the user account and possibly nearly unlimited rights to change system information, like configuration information of the system, amending user access rights provided by user accounts, loading of new applications, etc. The maintenance service accounts were created for situations in which apparatuses of one vendor are used in several different systems, and authorized maintenance persons of the vendor or the system owner needs to obtain rights to change at least maintenance related information of an apparatus but should obtain only specific rights to the system the apparatus belongs to. By means of a maintenance service account debugging functionality for the apparatus may be enabled, security functions and sensitive data of the apparatus may be configured, a recovery procedure for the apparatus may be initiated, an unlock function reactivating user accounts disabled due to an operation error of the apparatus may be initiated, for example. A maintenance service account may also be part of a specific application executed by the apparatus.
A general challenge relating to the maintenance service accounts is, especially when apparatuses of the vendor are installed in several systems, how to enable each person belonging to an authorized group for maintenance service to access maintenance service accounts of such apparatuses in any individual system and to minimize the risk that a person not belonging to the authorized group obtains access to a maintenance service account. For example, if default passwords are used and someone not belonging to the authorized group finds out them, he/she can obtain access to a service account of the authorized group. In other words, the challenge is how to handle that many users (persons) belonging to an authorized group, and only the users, are authenticated/authorized to have access to all apparatuses having a service account for the authorized group.